Last Line of Defense: A Novel IDS Approach Against Advanced Threats in Industrial Control Systems

Research output: Chapter in Book/Conference proceedings/Edited volume; Conference contribution; Scientific; peer-review

3 Citations (Scopus)

Abstract

Industrial control systems are becoming increasingly interconnected, and with it their vulnerability to malicious actors. While intrusion detection systems are suited to detect network-based attacks, they remain unable to detect more sophisticated attacks against control systems, for example a compromise of the PLCs. This paper makes the case that the evolving landscape of threats such as the Stuxnet malware requires an alternative approach to intrusion detection in industrial control systems. We argue that effective control of such advanced threats needs to happen in the last link of the control network, hence building a last line of defense. A proof of concept of this new paradigm was implemented for the control system of a dredging vessel, and we describe main lessons learned and pose open research questions we find based on these experiences for ICS intrusion detection.
Original language: English
Title of host publication: Detection of Intrusions and Malware, and Vulnerability Assessment DIMVA 2017
Subtitle of host publication: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Editors: M. Polychronakis, M. Meier
Place of Publication: Cham
Publisher: Springer
Pages: 141-160
Number of pages: 20
ISBN (Electronic): 978-3-319-60876-1
ISBN (Print): 978-3-319-60875-4
Publication status: Published - 2017
Event: DIMVA 2017: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment - Bonn, Germany
Duration: 6 Jul 2017 to 7 Jul 2017

Publication series

Name: Lecture Notes in Computer Science
Publisher: Springer International Publishing AG
Volume: 10327
ISSN (Electronic): 0302-9743

Conference

Conference: DIMVA 2017
Country: Germany
City: Bonn
Period: 6/07/17 to 7/07/17

Keywords

  • Cyber physical security
  • Intrusion detection
  • Industrial control systems
